Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ekOqMYEnP7h3hzatDodfMxAHq7I.roa
File: ekOqMYEnP7h3hzatDodfMxAHq7I.roa (raw, json)
Hash identifier: hOiz44xeQUNKpmZh4VLqw/YFyB6AdADctbV/vhuzS/s=
Subject key identifier: 7A:43:AA:31:81:27:3F:B8:77:87:36:AD:0E:87:5F:33:10:07:AB:B2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD0AB35A7C6C858D9B2ADF6EEDF261
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ekOqMYEnP7h3hzatDodfMxAHq7I.roa
Signing time: Tue 02 Jan 2024 10:34:18 +0000
ROA not before: Tue 02 Jan 2024 10:34:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204750
IP address blocks: 2a0e:97c0:3d0::/44 maxlen: 48
2a0e:97c0:3e8::/48 maxlen: 48
2a0e:97c0:3d3::/48 maxlen: 48
2a0e:97c0:3d1::/48 maxlen: 48
2a0e:97c0:3d7::/48 maxlen: 48
2a0e:97c0:3d2::/48 maxlen: 48
2a0e:97c0:3d5::/48 maxlen: 48
2a0e:97c0:3d0::/48 maxlen: 48
2a0e:97c0:3d6::/48 maxlen: 48
2a0e:97c0:3d9::/48 maxlen: 48
2a0e:97c0:3e9::/48 maxlen: 48
2a0e:97c0:3d4::/48 maxlen: 48
2a0e:97c0:3df::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:0a:b3:5a:7c:6c:85:8d:9b:2a:df:6e:ed:f2:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a43aa3181273fb8778736ad0e875f331007abb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0d:c4:35:bc:c9:38:65:bd:7f:75:12:62:1f:
ee:ba:8d:7a:57:99:17:a5:a9:37:4d:c5:2d:29:ec:
ab:ef:8d:14:3d:30:32:16:c6:9c:1b:4c:af:86:b6:
ae:e1:e2:84:57:1d:9a:64:24:50:a1:3f:82:66:4b:
90:6d:97:22:3d:f3:4e:d3:29:c6:b1:47:af:69:34:
42:24:f2:c5:12:e9:e2:17:61:d2:65:c6:4e:0f:61:
a1:56:fd:37:3f:19:03:c1:b3:fe:77:c8:e2:2c:33:
e0:b1:7a:e0:8e:25:1c:72:f6:03:35:ab:79:d3:bb:
82:32:dc:9b:0a:59:85:0b:6b:47:35:18:c8:52:8a:
e2:c2:c7:48:98:88:70:24:c8:d3:42:09:4b:8b:e0:
d4:a7:63:92:41:7c:b7:e9:57:de:c9:89:da:b3:27:
9e:92:3c:10:0f:a4:03:07:e0:b6:9f:7c:15:8c:07:
f8:cd:c9:2c:e8:3f:ea:f6:58:61:c4:ce:8b:93:a3:
ca:ae:a1:7e:74:11:a9:63:71:53:69:af:dc:4c:7e:
5f:92:32:66:ae:71:65:f1:a5:1a:71:5b:ed:f8:66:
19:02:3c:fe:1a:a0:75:fd:90:3f:6e:31:f5:26:59:
95:88:eb:b7:6c:e8:22:ae:66:34:e7:75:e6:13:7d:
0f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:43:AA:31:81:27:3F:B8:77:87:36:AD:0E:87:5F:33:10:07:AB:B2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ekOqMYEnP7h3hzatDodfMxAHq7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:3d0::/44
2a0e:97c0:3e8::/47
Signature Algorithm: sha256WithRSAEncryption
25:a2:6f:73:f0:c1:35:37:37:c3:8b:72:ee:32:ac:9b:05:91:
fc:75:59:60:3e:24:b4:04:44:e0:ee:5a:09:ea:0e:db:57:53:
04:1d:b6:96:42:86:ee:d9:f2:88:43:8c:dd:2f:dc:f1:a5:61:
93:d6:f3:97:6d:92:86:85:7b:c7:f4:bf:92:4a:54:32:b5:95:
88:b1:d5:9d:b7:bd:b2:2d:ba:0f:1f:6a:d2:47:bc:ce:00:84:
d0:ca:20:da:e6:48:7c:52:a6:56:61:bd:ac:df:7a:de:fe:2b:
a4:26:0f:2d:a3:1a:88:d7:7d:d9:ba:7f:b0:68:bd:16:fb:6e:
bf:39:6f:84:87:f7:af:12:96:ce:4a:e7:79:99:93:1d:13:0f:
51:e0:1f:4c:92:23:75:a2:24:59:97:a6:bd:a4:d5:a8:d0:6d:
74:30:e7:94:db:23:ee:28:8e:6c:ed:db:d3:ac:26:8e:af:2d:
80:bd:e1:74:55:45:d9:57:a6:13:41:3c:13:6d:8f:54:a7:13:
81:37:08:2a:0e:5d:76:d7:95:bb:03:1c:b5:90:9b:17:f4:78:
70:67:e3:5c:e6:0d:22:c5:07:14:7a:13:6b:1b:e9:33:c7:0c:
7f:b9:49:ba:93:eb:fc:92:56:d4:09:74:28:6e:df:61:28:2b:
76:d9:9c:60
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJvQqzWnxshY2bKt9u7fJhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTQzYWEzMTgxMjczZmI4Nzc4NzM2YWQwZTg3NWYzMzEwMDdhYmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtA3ENbzJOGW9f3USYh/uuo16V5kX
pak3TcUtKeyr740UPTAyFsacG0yvhrau4eKEVx2aZCRQoT+CZkuQbZciPfNO0ynG
sUevaTRCJPLFEuniF2HSZcZOD2GhVv03PxkDwbP+d8jiLDPgsXrgjiUccvYDNat5
07uCMtybClmFC2tHNRjIUoriwsdImIhwJMjTQglLi+DUp2OSQXy36VfeyYnasyee
kjwQD6QDB+C2n3wVjAf4zcks6D/q9lhhxM6Lk6PKrqF+dBGpY3FTaa/cTH5fkjJm
rnFl8aUacVvt+GYZAjz+GqB1/ZA/bjH1JlmViOu3bOgirmY053XmE30PKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHpDqjGBJz+4d4c2rQ6HXzMQB6uyMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZWtPcU1ZRW5QN2gzaHphdERvZGZNeEFIcTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAPQ
AwcBKg6XwAPoMA0GCSqGSIb3DQEBCwUAA4IBAQAlom9z8ME1NzfDi3LuMqybBZH8
dVlgPiS0BETg7loJ6g7bV1MEHbaWQobu2fKIQ4zdL9zxpWGT1vOXbZKGhXvH9L+S
SlQytZWIsdWdt72yLboPH2rSR7zOAITQyiDa5kh8UqZWYb2s33re/iukJg8toxqI
133Zun+waL0W+26/OW+Eh/evEpbOSud5mZMdEw9R4B9MkiN1oiRZl6a9pNWo0G10
MOeU2yPuKI5s7dvTrCaOry2AveF0VUXZV6YTQTwTbY9UpxOBNwgqDl1215W7Axy1
kJsX9HhwZ+Nc5g0ixQcUehNrG+kzxwx/uUm6k+v8klbUCXQobt9hKCt22Zxg
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:07:58 2024 by rpki-client on console-ams.rpki-client.org